Manager, Offensive Security Assessment

Permanent Position
- Flexible working arrangement
- Work for a leading organisation

**READY FOR ANYTHING**

At IAG, we live and work by our purpose to make your world a safer place. We are motivated by a unique culture that celebrates honesty, creativity, empathy, equity and collaboration. We call it the IAG way, and it means we all share a ‘ready for anything’ mindset that sets the tone for positive actions and positive outcomes. We put heart into everything we do which guides us to create amazing things for our customers, our people and our communities.

As the largest general insurance group in Australia and New Zealand, we own some of the region’s most trusted brands, including NRMA Insurance, CGU, SGIO, SGIC and WFI. We are ready for anything.

**The Role**

The purpose of the role and your unique contribution is to manage offensive security services to protect our people, information and assets by continuously assessing and hacking security controls to make our world a safer place.

**Key Responsibilities**
- Support the delivery and maintenance of the domain architecture for offensive security assessment and drive capability and service enhancements.
- Lead the objective based testing program by managing a team that conducts red, black and purple team assessments to identify vulnerabilities that can be exploited.
- Lead security vulnerability and configuration assessments by managing a team who perform continuous automated vulnerability scanning on all technology systems in the Group and assess the security configuration of network and server infrastructure along with AWS and Azure cloud environments.
- Operate and maintain all technology that underpins the offensive security services being delivered to the Group, including a security testing lab.
- Provide reporting & analytics to all stakeholders so they have full visibility of the functions plans and outcomes on a regular basis. Be able to use a data driven approach to show value derived from the security assessment services.
- Continuously identify process improvement opportunities and where use automation to derive greater efficiencies.
- Awareness and compliance with the Group Delegations & Authorities Policy

**Skills and Experience**
- 10+ years technology management with proven executive leadership expertise.
- Experience in establishment and/or operation of security assessment practices, including delivery and management of offensive security program of work.
- Experience in executing ethical hacking and objective based assessment services at scale.
- Experience in executing security vulnerability and configuration assessment services within large complex organisations.
- Experience with more progressive technologies s and environments, along with the use of automation.
- Experience with modern cloud deployments and architectural solutions.
- Experience leading a large team of information security professionals and is capable of creating and maintaining a good team culture.
- Demonstrated security vendor management, cross-cultural listening skills with strong influencing and negotiation experience.
- Experience presenting to executive level stakeholders on the outcomes of assessments.
- A broad network both within the enterprise and with external visionaries.
- Relevant tertiary qualifications in a field related to the role (technology or commercial)
- Relevant professional memberships and certifications: OSCP, CEH or SAN certifications in penetration testing practices, CISM qualification.

**Desired Experience**
- Experience in building relationships with Government, Industry, Academia and Security Agencies.
- Insight into the way that digital transformation and security threats are affecting our industry.
- Connection to the security research field and the hacker community.
- Ability to set strategy and adjust course to respond to changing threat landscape

**Ready for anything? Let’s talk.**

IAG rewards and recognises its people with generous benefits, career development opportunities and real work-life balance. Employees also enjoy 13% superannuation, up to 50% insurance discounts, flexible work and leave options, generous parental leave and return to work programs, various corporate partner discounts and a people-focused culture that celebrates achievements big and small.
IAG has committed to the reconciliation movement in Australia for First Nations people and focus on providing a safe and supportive work environment for all our employees. More information on our Reconciliation Action Plan can be found on our company website.